Ios Security Vulnerabilities and Issues — Page 13 of Ios CVE List

Lucene search

CiscoIos

612 matches found

CVE•added 2007/08/08 11:17 p.m.•31 views

CVE-2007-4263

Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.

8.5CVSS6.2AI score0.02219EPSS

CVE•added 2011/10/22 2:59 a.m.•31 views

CVE-2011-1640

The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.

7.8CVSS7.3AI score0.00527EPSS

CVE•added 2012/09/16 10:34 a.m.•31 views

CVE-2012-3895

Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device crash) via an MVPNv6 update, aka Bug ID CSCty89224.

6.3CVSS6.5AI score0.0034EPSS

CVE•added 2015/03/06 3:0 a.m.•31 views

CVE-2015-0659

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS allows remote attackers to trigger self-referential adjacencies via a crafted Autonomic Networking (AN) message, aka Bug ID CSCup62157.

5CVSS6.8AI score0.00243EPSS

CVE•added 2016/02/17 4:59 p.m.•31 views

CVE-2016-1333

Cisco IOS 15.5(3)M and 15.6(1)T0a on Cisco 1000 Connected Grid routers allows remote authenticated users to cause a denial of service (device reload) via an SNMP request for unspecified BRIDGE MIB OIDs, aka Bug ID CSCux89878.

6.8CVSS6.2AI score0.00454EPSS

CVE•added 2016/09/12 10:59 a.m.•31 views

CVE-2016-6398

The PPTP server in Cisco IOS 15.5(3)M does not properly initialize packet buffers, which allows remote attackers to obtain sensitive information from earlier network communication by reading packet data, aka Bug ID CSCvb16274.

5.3CVSS5AI score0.00273EPSS

CVE•added 2012/05/02 10:9 a.m.•30 views

CVE-2011-2586

The HTTP client in Cisco IOS 12.4 and 15.0 allows user-assisted remote attackers to cause a denial of service (device crash) via a malformed HTTP response to a request for service installation, aka Bug ID CSCts12249.

5.4CVSS6.8AI score0.00427EPSS

CVE•added 2012/09/16 10:34 a.m.•30 views

CVE-2012-3924

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service (device crash) via a session involving a PPP over ATM (PPPoA) interface, aka Bug ID CSCty979...

3.5CVSS6.4AI score0.00377EPSS

CVE•added 2013/11/22 7:55 p.m.•30 views

CVE-2013-6694

The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service (MTU change and tunnel-session drop) via crafted ICMP packets, aka Bug ID CSCul29918.

4.3CVSS6.8AI score0.00443EPSS

CVE•added 2016/09/24 1:59 a.m.•30 views

CVE-2016-6410

The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856.

6.8CVSS6.1AI score0.00308EPSS

CVE•added 2016/09/24 1:59 a.m.•30 views

CVE-2016-6412

The Cisco Application-hosting Framework (CAF) component in Cisco IOS 15.6(1)T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773.

6.5CVSS6.4AI score0.00149EPSS

CVE•added 2016/09/22 10:59 p.m.•29 views

CVE-2016-6414

iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223.

7.8CVSS7.8AI score0.00222EPSS

Total number of security vulnerabilities612